Jump to content
Sign in to follow this  
Followers 0
MsKelly

How do I know what's bad and what's needed?

By MsKelly, in General Questions

Recommended Posts

MsKelly   

MsKelly
Posted

On my first scan with SuperAntiSpyware, I couldn't tell from MY technical knowledge what was good and what was bad, and so quarantined everything - resulting in being unable to access the internet. It was late and my daughter was waiting to get on, so I just restored everything.

How can I tell what needs to stay and what needs to go? My current problems are when I get Yahoo! search results and click on a link for a website, I'm hijacked to apartmentfinder or gamevance or tazinga or someplace else I don't want. I'm also having IE pop up randomly two windows at a time wanting me to go to gamevance or someplace else. My default browser is Firefox. What do I look for to fix those problems?

Share this post

Link to post
Share on other sites

Seth   

Seth
Posted

Welcome to the SuperAntiSpyware forum MsKelly.

If you post the SuperAntiSpyware scan log, we can have a look at what was detected and then provide further advice.

The scan log is found in SAS's Preferences-->Statistics/Logs

Share this post

Link to post
Share on other sites

danny09411   

danny09411
Posted

hi mskelly some malware makes a proxy server click on internet explorer click tools /internet options / connections /lan setings if use a proxy server is ticked un tick it and try again and see if u get redirected or not and quarantine the malware again

Share this post

Link to post
Share on other sites

MsKelly   

MsKelly
Posted

Welcome to the SuperAntiSpyware forum MsKelly.

If you post the SuperAntiSpyware scan log, we can have a look at what was detected and then provide further advice.

The scan log is found in SAS's Preferences-->Statistics/Logs

OK, but this is long!

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 06/01/2010 at 05:43 PM

Application Version : 4.38.1004

Core Rules Database Version : 5012

Trace Rules Database Version: 2824

Scan type : Quick Scan

Total Scan Time : 01:07:13

Memory items scanned : 864

Memory threats detected : 1

Registry items scanned : 652

Registry threats detected : 24

File items scanned : 13509

File threats detected : 228

Trojan.Dropper/Storm

C:\WINDOWS\WGOGYA.EXE.EXE

C:\WINDOWS\WGOGYA.EXE.EXE

[QZAIB7KITK] C:\WINDOWS\WGOGYA.EXE.EXE

C:\WINDOWS\Prefetch\WGOGYA.EXE.EXE-2BAEFC45.pf

Adware.Tracking Cookie

C:\Documents and Settings\Mom\Cookies\mom@bs.serving-sys[1].txt

C:\Documents and Settings\Mom\Cookies\mom@revsci[2].txt

C:\Documents and Settings\Mom\Cookies\mom@pointroll[2].txt

C:\Documents and Settings\Mom\Cookies\mom@realmedia[1].txt

C:\Documents and Settings\Mom\Cookies\mom@www.burstnet[1].txt

C:\Documents and Settings\Mom\Cookies\mom@advertising[1].txt

C:\Documents and Settings\Mom\Cookies\mom@ads.pubmatic[2].txt

C:\Documents and Settings\Mom\Cookies\mom@ad.yieldmanager[3].txt

C:\Documents and Settings\Mom\Cookies\mom@content.yieldmanager[2].txt

C:\Documents and Settings\Mom\Cookies\mom@atdmt[2].txt

C:\Documents and Settings\Mom\Cookies\mom@content.yieldmanager[3].txt

C:\Documents and Settings\Mom\Cookies\mom@zillow.adbureau[2].txt

C:\Documents and Settings\Mom\Cookies\mom@serving-sys[2].txt

C:\Documents and Settings\Mom\Cookies\mom@burstnet[1].txt

C:\Documents and Settings\Mom\Cookies\mom@ads.bcserving[1].txt

C:\Documents and Settings\Mom\Cookies\mom@bluestreak[1].txt

C:\Documents and Settings\Mom\Cookies\mom@statcounter[2].txt

C:\Documents and Settings\Mom\Cookies\mom@servedby.adxpower[1].txt

C:\Documents and Settings\Mom\Cookies\mom@zedo[1].txt

C:\Documents and Settings\Mom\Cookies\mom@adlegend[2].txt

C:\Documents and Settings\Mom\Cookies\mom@bannertgt[1].txt

C:\Documents and Settings\Mom\Cookies\mom@media6degrees[1].txt

C:\Documents and Settings\Mom\Cookies\mom@oasn04.247realmedia[1].txt

C:\Documents and Settings\Mom\Cookies\mom@ads.bridgetrack[2].txt

C:\Documents and Settings\Mom\Cookies\mom@network.realmedia[2].txt

C:\Documents and Settings\Mom\Cookies\mom@rotator.adjuggler[2].txt

C:\Documents and Settings\Mom\Cookies\mom@crackle[1].txt

C:\Documents and Settings\Mom\Cookies\mom@ads.us.e-planning[1].txt

C:\Documents and Settings\Mom\Cookies\mom@eas.apm.emediate[2].txt

C:\Documents and Settings\Mom\Cookies\mom@questionmarket[2].txt

C:\Documents and Settings\Mom\Cookies\mom@invitemedia[1].txt

C:\Documents and Settings\Mom\Cookies\mom@ads.creafi[1].txt

C:\Documents and Settings\Mom\Cookies\mom@ads.pointroll[1].txt

C:\Documents and Settings\Mom\Cookies\mom@lucidmedia[2].txt

C:\Documents and Settings\Mom\Cookies\mom@247realmedia[2].txt

C:\Documents and Settings\Mom\Cookies\mom@adxpose[1].txt

C:\Documents and Settings\Mom\Cookies\mom@adx.bidsystem[1].txt

C:\Documents and Settings\Mom\Cookies\mom@server.cpmstar[2].txt

C:\Documents and Settings\Mom\Cookies\mom@legolas-media[2].txt

C:\Documents and Settings\Mom\Cookies\mom@doubleclick[2].txt

C:\Documents and Settings\Mom\Cookies\mom@clicksor[1].txt

C:\Documents and Settings\Mom\Cookies\mom@adserving.contextualmarketplace[2].txt

C:\Documents and Settings\Mom\Cookies\mom@adbrite[1].txt

C:\Documents and Settings\Mom\Cookies\mom@myroitracking[2].txt

C:\Documents and Settings\Mom\Cookies\mom@adserving.claxon[1].txt

C:\Documents and Settings\Mom\Cookies\mom@adserver.adtechus[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@247realmedia[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@yieldmanager[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@ads.pointroll[3].txt

C:\Documents and Settings\NetworkService\Cookies\system@ads.pointroll[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@ads.pointroll[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@247realmedia[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@adx.bidsystem[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@dc.tremormedia[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@doubleclick[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@doubleclick[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@doubleclick[3].txt

C:\Documents and Settings\NetworkService\Cookies\system@ads.pointroll[4].txt

C:\Documents and Settings\NetworkService\Cookies\system@adecn[3].txt

C:\Documents and Settings\NetworkService\Cookies\system@atdmt[3].txt

C:\Documents and Settings\NetworkService\Cookies\system@atdmt[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@atdmt[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@atdmt[4].txt

C:\Documents and Settings\NetworkService\Cookies\system@kontera[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@clicksor[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@ads.bighealthtree[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@doubleclick[5].txt

C:\Documents and Settings\NetworkService\Cookies\system@adlegend[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@revenue[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@dr.findlinks[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@bizzclick[3].txt

C:\Documents and Settings\NetworkService\Cookies\system@bizzclick[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@atdmt[5].txt

C:\Documents and Settings\NetworkService\Cookies\system@statcounter[3].txt

C:\Documents and Settings\NetworkService\Cookies\system@statcounter[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@ad.jmg[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@cdn4.specificclick[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@cdn4.specificclick[3].txt

C:\Documents and Settings\NetworkService\Cookies\system@cdn4.specificclick[4].txt

C:\Documents and Settings\NetworkService\Cookies\system@cdn4.specificclick[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@cdn4.specificclick[5].txt

C:\Documents and Settings\NetworkService\Cookies\system@interclick[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@apmebf[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@stats.adbrite[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@advertise[6].txt

C:\Documents and Settings\NetworkService\Cookies\system@advertise[5].txt

C:\Documents and Settings\NetworkService\Cookies\system@advertise[4].txt

C:\Documents and Settings\NetworkService\Cookies\system@advertise[3].txt

C:\Documents and Settings\NetworkService\Cookies\system@advertise[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@advertise[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@specificmedia[3].txt

C:\Documents and Settings\NetworkService\Cookies\system@specificmedia[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@specificmedia[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@specificmedia[4].txt

C:\Documents and Settings\NetworkService\Cookies\system@ru4[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@burstbeacon[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@adcloudmedia[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@specificmedia[5].txt

C:\Documents and Settings\NetworkService\Cookies\system@adbrite[3].txt

C:\Documents and Settings\NetworkService\Cookies\system@adbrite[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@clickpayz6.91469.blueseek[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@clickpayz7.91469.blueseek[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@clickpayz6.91469.blueseek[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@clickpayz8.91469.blueseek[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@clickpayz2.91469.blueseek[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@clickpayz1.91469.blueseek[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@videoegg.adbureau[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@invitemedia[3].txt

C:\Documents and Settings\NetworkService\Cookies\system@invitemedia[4].txt

C:\Documents and Settings\NetworkService\Cookies\system@invitemedia[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@invitemedia[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@click.fastpartner[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@click.fastpartner[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@chitika[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@burstnet[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@enhance[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@adxpose[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@adxpose[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@trafficengine[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@clickpayz9.91469.blueseek[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@atlas.entrepreneur[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@click.fastpartner[3].txt

C:\Documents and Settings\NetworkService\Cookies\system@top5countdown.mevio[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@media6degrees[3].txt

C:\Documents and Settings\NetworkService\Cookies\system@media6degrees[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@mediaplex[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@adserver.adtechus[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@insightexpressai[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@ads.pubmatic[3].txt

C:\Documents and Settings\NetworkService\Cookies\system@ads.pubmatic[7].txt

C:\Documents and Settings\NetworkService\Cookies\system@casalemedia[3].txt

C:\Documents and Settings\NetworkService\Cookies\system@casalemedia[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@ads.pubmatic[4].txt

C:\Documents and Settings\NetworkService\Cookies\system@ads.pubmatic[8].txt

C:\Documents and Settings\NetworkService\Cookies\system@bs.serving-sys[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@ads.pubmatic[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@ads.bridgetrack[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@ads.pubmatic[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@ads.pubmatic[6].txt

C:\Documents and Settings\NetworkService\Cookies\system@legolas-media[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@ad.yieldmanager[3].txt

C:\Documents and Settings\NetworkService\Cookies\system@ad.yieldmanager[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@ad.yieldmanager[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@ad.yieldmanager[4].txt

C:\Documents and Settings\NetworkService\Cookies\system@content.yieldmanager[4].txt

C:\Documents and Settings\NetworkService\Cookies\system@realmedia[3].txt

C:\Documents and Settings\NetworkService\Cookies\system@realmedia[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@content.yieldmanager[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@mediaforge[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@ads.vidsense[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@content.yieldmanager[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@content.yieldmanager[6].txt

C:\Documents and Settings\NetworkService\Cookies\system@myroitracking[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@content.yieldmanager[3].txt

C:\Documents and Settings\NetworkService\Cookies\system@ads.intergi[3].txt

C:\Documents and Settings\NetworkService\Cookies\system@ads.intergi[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@ad.yieldmanager[6].txt

C:\Documents and Settings\NetworkService\Cookies\system@ad.yieldmanager[5].txt

C:\Documents and Settings\NetworkService\Cookies\system@fastclick[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@realmedia[5].txt

C:\Documents and Settings\NetworkService\Cookies\system@realmedia[4].txt

C:\Documents and Settings\NetworkService\Cookies\system@clickforensics[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@ads.undertone[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@zedo[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@ads.gossipcenter[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@zedo[3].txt

C:\Documents and Settings\NetworkService\Cookies\system@www.burstbeacon[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@mediatraffic[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@tacoda[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@a1.interclick[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@tacoda[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@entrepreneur.122.2o7[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@tribalfusion[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@www.burstnet[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@www.googleadservices[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@at.atwola[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@tribalfusion[3].txt

C:\Documents and Settings\NetworkService\Cookies\system@serving-sys[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@questionmarket[3].txt

C:\Documents and Settings\NetworkService\Cookies\system@revsci[3].txt

C:\Documents and Settings\NetworkService\Cookies\system@mediaforgews[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@questionmarket[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@cdn1.trafficmp[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@trafficmp[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@revsci[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@oasn04.247realmedia[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@questionmarket[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@d.jambomedia[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@network.realmedia[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@network.realmedia[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@www.entrepreneur[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@p122t1s627182.kronos.bravenetmedia[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@pointroll[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@specificclick[6].txt

C:\Documents and Settings\NetworkService\Cookies\system@specificclick[5].txt

C:\Documents and Settings\NetworkService\Cookies\system@specificclick[3].txt

C:\Documents and Settings\NetworkService\Cookies\system@specificclick[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@specificclick[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@ad.candystand[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@libertymutual.112.2o7[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@t.pointroll[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@imrworldwide[3].txt

C:\Documents and Settings\NetworkService\Cookies\system@click.kiwinets[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@imrworldwide[4].txt

C:\Documents and Settings\NetworkService\Cookies\system@cdn.jemamedia[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@advertising[3].txt

C:\Documents and Settings\NetworkService\Cookies\system@advertising[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@ads.addynamix[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@clickthrough.kanoodle[4].txt

C:\Documents and Settings\NetworkService\Cookies\system@clickthrough.kanoodle[3].txt

C:\Documents and Settings\NetworkService\Cookies\system@clickthrough.kanoodle[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@clickthrough.kanoodle[1].txt

C:\Documents and Settings\NetworkService\Cookies\system@imrworldwide[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@pointroll[4].txt

C:\Documents and Settings\NetworkService\Cookies\system@pointroll[3].txt

C:\Documents and Settings\NetworkService\Cookies\system@pointroll[2].txt

C:\Documents and Settings\NetworkService\Cookies\system@adecn[1].txt

C:\Documents and Settings\Rachel\Cookies\rachel@atdmt[2].txt

Rogue.Component/Trace

HKU\S-1-5-21-302030840-836795111-2870686734-1013\Software\97868168108574930574008165558037\Options

HKU\S-1-5-21-302030840-836795111-2870686734-1013\Software\97868168108574930574008165558037\Options#Aff

HKU\S-1-5-21-302030840-836795111-2870686734-1013\Software\97868168108574930574008165558037\Options#AdvancedScanType

HKU\S-1-5-21-302030840-836795111-2870686734-1013\Software\97868168108574930574008165558037\Options#FirstRunUrl

HKU\S-1-5-21-302030840-836795111-2870686734-1013\Software\97868168108574930574008165558037\Options#AfterRegisterUrl

HKU\S-1-5-21-302030840-836795111-2870686734-1013\Software\97868168108574930574008165558037\Options#LabelUrl

HKU\S-1-5-21-302030840-836795111-2870686734-1013\Software\97868168108574930574008165558037\Options#TermsUrl

HKU\S-1-5-21-302030840-836795111-2870686734-1013\Software\97868168108574930574008165558037\Options#HelpURL

HKU\S-1-5-21-302030840-836795111-2870686734-1013\Software\97868168108574930574008165558037\Options#BillingURL

HKU\S-1-5-21-302030840-836795111-2870686734-1013\Software\97868168108574930574008165558037\Options#BillingUrlApproved

HKU\S-1-5-21-302030840-836795111-2870686734-1013\Software\97868168108574930574008165558037\Options#TransactionKey

HKU\S-1-5-21-302030840-836795111-2870686734-1013\Software\97868168108574930574008165558037\Options#BillingRegURL

HKU\S-1-5-21-302030840-836795111-2870686734-1013\Software\97868168108574930574008165558037\Options#BillingURL2

HKU\S-1-5-21-302030840-836795111-2870686734-1013\Software\97868168108574930574008165558037\Options#BillingUrlApproved2

HKU\S-1-5-21-302030840-836795111-2870686734-1013\Software\97868168108574930574008165558037\Options#LastRun

HKU\S-1-5-21-302030840-836795111-2870686734-1013\Software\97868168108574930574008165558037\Options#InstallDate

HKU\S-1-5-21-302030840-836795111-2870686734-1013\Software\97868168108574930574008165558037\Options#pPath

HKU\S-1-5-21-302030840-836795111-2870686734-1013\Software\97868168108574930574008165558037\Options#pName

HKU\S-1-5-21-302030840-836795111-2870686734-1013\Software\97868168108574930574008165558037\Options#SecurityVector

HKU\S-1-5-21-302030840-836795111-2870686734-1013\Software\97868168108574930574008165558037\Options#Scans

HKU\S-1-5-21-302030840-836795111-2870686734-1013\Software\97868168108574930574008165558037\Options#LastScan

HKU\S-1-5-21-302030840-836795111-2870686734-1013\Software\97868168108574930574008165558037

Adware.Flash Tracking Cookie

C:\Documents and Settings\Mom\Application Data\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q92Q5C9W\CRACKLE.COM

C:\Documents and Settings\Mom\Application Data\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\Q92Q5C9W\SECURE-US.IMRWORLDWIDE.COM

Malware.Trace

C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

HKU\S-1-5-21-302030840-836795111-2870686734-1013\SOFTWARE\QZAIB7KITK

Trojan.SVCHost/Fake

C:\DOCUMENTS AND SETTINGS\MOM\LOCAL SETTINGS\TEMP\SVCHOST.EXE

Trojan.Agent/Gen-ImageDocFake

C:\DOCUMENTS AND SETTINGS\RACHEL\LOCAL SETTINGS\TEMP\0.5584850103178916.GIF

Trojan.Agent/Gen-CDesc[EndSec]

C:\DOCUMENTS AND SETTINGS\RACHEL\LOCAL SETTINGS\TEMP\WNW.EXE

C:\WINDOWS\WGOGYA.EXE

C:\WINDOWS\Prefetch\WGOGYA.EXE-1A28075C.pf

Share this post

Link to post
Share on other sites

Seth   

Seth
Posted

Thanks for the log.

Please update SAS then run a complete (not quick) scan with SAS.

If you still have the issue following the complete scan, then please open a support ticket via this link:

https://www.superantispyware.com/csr

In the support ticket, mention this thread.

The purpose of this ticket will allow SAS to analyze the infection and make appropriate changes to remove the infection(s). Such changes will normally occur with a definition file update, and will also benefit all the other SAS users who may have this particular infection.

I also noticed from the log that the quick scan took much longer than usual. Once the infections are removed, we can address that issue if it remains.

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing General Questions
×